Difference between revisions of "Gsutil acl set"

From wikieduonline
Jump to navigation Jump to search
Line 15: Line 15:
  
 
* <code>gsutil acl get gs://bucket/file.txt > acl.txt</code>
 
* <code>gsutil acl get gs://bucket/file.txt > acl.txt</code>
 +
 +
Make changes to acl.txt such as adding an additional grant, then:
 +
 +
* <code>gsutil acl set acl.txt gs://cats/file.txt</code>
 +
 +
Note that you can set an ACL on multiple buckets or objects at once. For example, to set ACLs on all .jpg files found in a bucket:
 +
 +
* <code>gsutil acl set acl.txt gs://bucket/**.jpg</code>
 +
If you have a large number of ACLs to update you might want to use the gsutil -m option, to perform a parallel (multi-threaded/multi-processing) update:
 +
 +
* <code>gsutil -m acl set acl.txt gs://bucket/**.jpg</code>
 +
 +
Note that multi-threading/multi-processing is only done when the named URLs refer to objects, which happens either if you name specific objects or if you enumerate objects by using an object wildcard or specifying the acl -r flag.
 +
 +
===Set Options===
 +
 +
The "set" sub-command has the following options
 +
 +
*<code>-R, -r</code>
 +
Performs "acl set" request recursively, to all objects under the specified URL.
 +
 +
*<code>-a</code>
 +
Performs "acl set" request on all object versions.
 +
 +
*<code>-f</code>
 +
Normally gsutil stops at the first error. The -f option causes it to continue when it encounters errors. If some of the ACLs couldn't be set, gsutil's exit status will be non-zero even if this flag is set. This option is implicitly set when running "gsutil -m acl...".
  
 
  [[gsutil acl set private]]
 
  [[gsutil acl set private]]

Revision as of 10:14, 1 August 2022

gsutil acl set

Set

The "acl set" command allows you to set an Access Control List on one or more buckets and objects. The file-or-canned_acl_name parameter names either a canned ACL or the path to a file that contains ACL text. The simplest way to use the "acl set" command is to specify one of the canned ACLs, e.g.,:

  • gsutil acl set private gs://bucket

If you want to make an object or bucket publicly readable or writable, it is recommended to use "acl ch", to avoid accidentally removing OWNER permissions. See the "acl ch" section for details.

See Predefined ACLs for a list of canned ACLs.

If you want to define more fine-grained control over your data, you can retrieve an ACL using the "acl get" command, save the output to a file, edit the file, and then use the "acl set" command to set that ACL on the buckets and/or objects. For example:


  • gsutil acl get gs://bucket/file.txt > acl.txt

Make changes to acl.txt such as adding an additional grant, then:

  • gsutil acl set acl.txt gs://cats/file.txt

Note that you can set an ACL on multiple buckets or objects at once. For example, to set ACLs on all .jpg files found in a bucket:

  • gsutil acl set acl.txt gs://bucket/**.jpg

If you have a large number of ACLs to update you might want to use the gsutil -m option, to perform a parallel (multi-threaded/multi-processing) update:

  • gsutil -m acl set acl.txt gs://bucket/**.jpg

Note that multi-threading/multi-processing is only done when the named URLs refer to objects, which happens either if you name specific objects or if you enumerate objects by using an object wildcard or specifying the acl -r flag.

Set Options

The "set" sub-command has the following options

  • -R, -r

Performs "acl set" request recursively, to all objects under the specified URL.

  • -a

Performs "acl set" request on all object versions.

  • -f

Normally gsutil stops at the first error. The -f option causes it to continue when it encounters errors. If some of the ACLs couldn't be set, gsutil's exit status will be non-zero even if this flag is set. This option is implicitly set when running "gsutil -m acl...".

gsutil acl set private

See also

Advertising: